Some approaches to increasing program reliability involve a disciplined use of programming languages so as to minimise the hazards introduced by error-prone features. This is realised by writing code that is constrained to a subset of the a priori admissible programs, and that, moreover, may use only a subset of the language. These subsets are determined by a collection of so-called coding rules. Standard coding rule sets exist that target different languages (e.g. MISRA-C for the C language or HICPP for C++) and application domains. Some organisations do set up their own coding rule sets.

A major drawback of existing coding rule sets is that they are written in natural language, which is inherently ambiguous and undermines any effort to enforce them automatically. This work aims at defining a framework to formalise coding rules and check for conformity with them, using logic programming. It is part of the Global GCC project (http://www.ggcc.info/), an ITEA funded EU programme intended to enrich the GNU Compiler Collection with advanced project-wide analysis capacities.

The overwhelming diversity of rules (they range from being trivially enforceable to expressing non-computable properties) has obliged us to focus first on a particular class that we have termed structural rules: those which deal with static entities in the code (classes, member functions, etc.) and their properties and relationships (inheritance, overriding, etc.). We have identified a significant number of rules of this kind that can be statically checked, while at the same time being more interesting than purely syntactic ones.

Rules are formalised using first order logic: relationships between program entities 
are encoded as facts (thus giving an abstract description of the program) and a formula 
is generated for every coding rule. When these, together, are inconsistent, the program 
violates the coding rule. We automate this process by generating a program-dependent 
set of Prolog facts and program-independent predicates which describe rule violations. 
For example, a violation of rule 3.3.15 of HICPP, which reads "ensure base classes common to more than one derived class are virtual", is codified as:

    violate_hicpp_3_3_15(A, B, C, D) :- class(A), class(B), class(C), class(D),
        B \= C, direct_base_of(A, B), direct_base_of(A, C),
        base_of(B, D), base_of(C, D), \+ virtual_base_of(A, C).

Successful queries to this predicate pinpoint infringements of the rule and the answer substitutions identify a source of the violation.
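The following is an added, self-contained Prolog example (not taken from the paper or the GGCC tooling) that puts the rule above to work: it supplies constructed program-dependent facts for a small C++ diamond hierarchy, defines base_of/2 as the transitive closure of direct_base_of/2 (the paper does not show this definition; it is assumed here), and runs the violation predicate over them.

```prolog
% Added example: constructed facts describing this hypothetical C++ code,
% in the shape an extractor feeding the checker might produce:
%
%   struct Base {};
%   struct Left  : Base {};          % Base inherited non-virtually
%   struct Right : virtual Base {};  % Base inherited virtually
%   struct Join  : Left, Right {};   % Base is common to Left and Right

% Program-dependent facts (constructed for this example).
class(base). class(left). class(right). class(join).

direct_base_of(base, left).
direct_base_of(base, right).
direct_base_of(left, join).
direct_base_of(right, join).

% Which direct-base relationships use virtual inheritance.
virtual_base_of(base, right).

% base_of/2: a class is a base of every class that derives from it,
% directly or through intermediate classes (assumed definition).
base_of(B, D) :- direct_base_of(B, D).
base_of(B, D) :- direct_base_of(B, X), base_of(X, D).

% Program-independent violation predicate, as given in the text:
% A is a direct base of two distinct classes B and C that both end up
% as bases of D, yet C does not inherit A virtually.
violate_hicpp_3_3_15(A, B, C, D) :-
    class(A), class(B), class(C), class(D),
    B \= C,
    direct_base_of(A, B), direct_base_of(A, C),
    base_of(B, D), base_of(C, D),
    \+ virtual_base_of(A, C).

% Enumerate every answer substitution and report it; the bindings name
% the offending base class and the derived class that must be fixed.
report_hicpp_3_3_15 :-
    forall(violate_hicpp_3_3_15(A, B, C, D),
           format("HICPP 3.3.15: ~w must be a virtual base of ~w (shared with ~w in ~w)~n",
                  [A, C, B, D])).
```

Load the file into a Prolog system and run `?- report_hicpp_3_3_15.`; with these facts the only non-virtual path to the common base is through Left, which is what the predicate reports.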

As rule-writers may not be proficient in Prolog, we provide a user-friendly domain-specific language (DSL) that also increases expressiveness by, e.g., allowing quantification over some specific domains or providing facilities for defining closures. At the DSL core there is a set of predefined predicates describing (structural) program properties, such as those used in the above rule, that are gathered during the compilation process.